Field of the Invention
The present invention relates to a technique for exchanging an encryption key between one communication device and a communication apparatus belonging to another party.
Description of the Related Art
Devices such as printers and mobile telephones equipped with a wireless LAN function have become increasingly popular in recent years. In order to protect the privacy of the users of such devices, a mechanism for encrypting data in wireless LANs has been standardized. A standard relating to a mechanism for sharing an encryption key between an authenticating apparatus (authenticator) and an authenticated apparatus (supplicant) is set forth in LAN/MAN Committee of the IEEE Computer Society, IEEE Std 802.11-2007 (Revision of IEEE Std 802.11-1999). Unicast key and group key exchange processing referred to as a “four-way handshake” has been defined as processing executed between a device and a base station to which the device is connected, and a mechanism through which devices encrypt signals and communicate with each other via a base station has been established. Similarly, there are stipulations regarding the four-way handshake for an adhoc mode, in which devices communicate directly with each other without the intervention of a base station.
In the case of the adhoc mode, each of the devices performs the roles of both the authenticating apparatus and the authenticated apparatus, and the four-way handshake is executed twice, once in each direction. Since the group key is a key unique to the source of the transmission, the four-way handshake is performed twice, changing the transmission source, so that the authenticating apparatus and the authenticated apparatus transmit their group keys to each other. Further, with regard to the encryption key used when data is unicast, whether the encryption key of the authenticating apparatus or that of the authenticated apparatus is to be applied is decided depending upon whether or not the MAC address of the authenticating apparatus is larger than that of the authenticated apparatus.
However, with regard to processing for sharing an encryption key in the adhoc mode, the specifications set forth in LAN/MAN Committee of the IEEE Computer Society, IEEE Std 802.11-2007 (Revision of IEEE Std 802.11-1999) are open to interpretation, so it is conceivable that multiple forms of implementation will occur. As a result, cases can occur in which devices having different forms of implementation cannot be mutually connected.
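The adhoc unicast key selection described above, as an added example that is not part of the original text: each of the two four-way handshakes yields a different temporal key, so both stations must pick the same handshake for unicast encryption to work between them. The rule that the handshake run by the authenticator with the larger MAC address wins, the byte-wise address comparison, the CCMP-sized key layout, and all sample values are assumptions.

```python
import hashlib
import hmac

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF: HMAC-SHA1 over label || 0x00 || data || counter."""
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """48-byte (CCMP-sized) PTK: KCK | KEK | TK, 16 bytes each."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)

def winning_authenticator(mac_a: bytes, mac_b: bytes) -> bytes:
    """Assumed rule: the handshake whose authenticator has the larger MAC wins.
    Equal-length bytes compare octet by octet, first octet most significant."""
    if len(mac_a) != 6 or len(mac_b) != 6 or mac_a == mac_b:
        raise ValueError("need two distinct 6-byte MAC addresses")
    return max(mac_a, mac_b)

# Constructed sample values (not from the page).
PMK = hashlib.sha256(b"constructed PMK").digest()
STA_A = bytes.fromhex("020000000a01")
STA_B = bytes.fromhex("020000000b02")

def run_both_handshakes() -> dict:
    """Map each authenticator MAC to the TK its handshake produced."""
    tks = {}
    for auth, supp in ((STA_A, STA_B), (STA_B, STA_A)):
        anonce = hashlib.sha256(b"ANonce" + auth).digest()  # fixed for repeatability
        snonce = hashlib.sha256(b"SNonce" + supp).digest()
        tks[auth] = derive_ptk(PMK, auth, supp, anonce, snonce)[32:48]
    return tks

def unicast_tk(local: bytes, peer: bytes, tks: dict) -> bytes:
    """TK a station installs for unicast traffic with its peer."""
    return tks[winning_authenticator(local, peer)]

if __name__ == "__main__":
    tks = run_both_handshakes()
    print("handshakes differ:", tks[STA_A] != tks[STA_B])
    print("A and B agree:", unicast_tk(STA_A, STA_B, tks) == unicast_tk(STA_B, STA_A, tks))
```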
Japanese Patent Laid-Open No. 2008-099112 points out that although a unicast encryption key is determined by the third message (Message 3) of the four-way handshake, it is not decided whether the fourth message (Message 4) is to be sent as plain text or as encrypted text. As a technique for solving this problem, Japanese Patent Laid-Open No. 2008-099112 describes a technique in which the supplicant sends Message 4 as plain text in a case where it has received Message 3 after transmission of the encrypted Message 4. However, Japanese Patent Laid-Open No. 2008-099112 is silent regarding adhoc networks, and hence there is a need for measures that similarly improve mutual connectivity with respect to adhoc networks.
The present invention has been devised in view of the foregoing problems and provides a technique that makes interconnection between communication apparatuses possible even in a case where different forms of implementation of security techniques are mixed together.